kubernetes学习笔记3资源清单

时间:2022-10-15 09:59:26



kubernetes对象:

pod|service|replicaset|deployment|statefulset|daemonset|job|cronjob

服务发现及均衡,service|ingress

配置与存储,volume|CSI|ComfigMap|Secret|DownwardAPI

集群级资源,namespace|node|role|ClusterRole|RoleBinding|ClusterRoleBinding

源数据型资源,HPA|PodTemplate|LimitRange



1、命令式资源清单创建资源​

kubectl -h

create|expose|run|set|explain|get|edit|delete #basic commands

rollout|scale|autoscale #deploy commands

certificate|cluster-info|top|cordon|uncordon|drain|taint #cluster management,drain排干模式,taint污点,与高级调度相关,能容忍某个污点的节点任务能调度上来,否则不行,如master上有很多污点,创建的pod不会在master上,默认pod不能容忍master的污点,所以master只干controller-manager|etcd|api-server|scheduler这4个重要功能

describe|logs|attach|exec|port-forward|proxy|cp|auth #troubleshooting and debugging commands,如kubectl describe node node01.magedu.com

apply|pathch|replace|wait|convert #advanced commands

label|annotate|completion #settings commands

alpha|api-resources|api-versions|config|plugin|version #other commands


kubectl version

kubectl cluster-info

kubectl describe node node01.magedu.com


kubectl run --help #自定义参数,先--,再arg1=value1 arg2=value2

Usage:

kubectl run NAME --image=image [--env="key=value"] [--port=port] [--replicas=replicas] [--dry-run=bool] [--overrides=inline-json] [--command] -- [COMMAND] [args...] [options]

kubectl run nginx-deploy --image=nginx:1.14-alpine --port=80 --replicas=1 #--dry-run=true

kubectl get deployment

kubectl get pods -o wide #桥用的是cmi0,10.244.2.x网段

curl 10.244.2.2 #仅在集群内能访问到,一旦容器异常终止会重新创建并运行,该地址会变掉,所以用pod容器的ip访问不妥当,应该用service地址

kubectl get pods

kubectl delete pods nginx-deploy-5b595999-2q6j5 #当容器异常停止后,会重新创建并运行

kubectl get pod -o wide #

kubectl describe svc nginx

kubectl get pods --show-labels

kubectl edit svc nginx


kubectl expose -h

Usage:

kubectl expose (-f FILENAME | TYPE NAME) [--port=port] [--protocol=TCP|UDP|SCTP] [--target-port=number-or-name] [--name=name] [--external-ip=external-ip-of-service] [--type=type] [options]

kubectl expose deployment nginx-deploy --name=nginx --port=80 --target-port=80 --protocol=TCP将deployment这个控制器的资源创建为service,service名为nginx

kubectl get svc #svc同service,仅在集群内可访问,这个地址是被pod客户端访问的,如果要用service名来访问,依赖CoreDNS

curl 10.98.39.54 #是10.96.0.0/12段的地址

kubectl get pods -n kube-system -o wide #coredns的地址为10.244.0.{2,3}

kubectl get svc -n kube-system #10.96.0.10

yum -y install bind-utils

dig -t A nginx @10.96.0.10 #未解析,可能给的A记录信息不完整

dig -t A nginx.default.svc.cluster.local @10.96.0.10 #在以下busybox运行的容器上查看/etc/resolv.conf完整域名


kubectl run client --image=busybox --replicas=1 -it --restart=Never

kubernetes学习笔记3资源清单


wget nginx #wget -O - -q http://nginx:80

wget -O - -q 10.244.1.4

wget -O - -q 10.244.1.4/hostname.html

wget -O - -q myapp

wget -O - -q myapp/hostname.html

while true; do wget -O - -q myapp/hostname.html; sleep 1; done

while true; do wget -O - -q myapp; sleep 1; done #显示v1


kubectl delete svc nginx

kubectl describe deployment nginx-deploy


kubectl run myapp --image=ikubernetes/myapp:v1 --replicas=2

kubectl get deployment -w

kubectl get pods -o wide

kubectl expose deployment myapp --name=myapp --port=80

kubectl get svc


Usage:

kubectl scale [--resource-versinotallow=version] [--current-replicas=count] --replicas=COUNT (-f FILENAME | TYPE NAME) [options]

kubectl scale --replicas=5 deployment myapp扩至5个,自动扩缩容要用到监控

kubectl get pods

kubectl scale --replicas=3 deployment myapp #缩至3个


kubectl get pods myapp-XXXXXX #查看Containers,名字为myapp


Usage:

kubectl set image (-f FILENAME | TYPE NAME) CONTAINER_NAME_1=CONTAINER_IMAGE_1 ... CONTAINER_NAME_N=CONTAINER_IMAGE_N [options]

kubectl set image deployment myapp myapp=ikubernetes/myapp:v2灰度更新


Usage:

kubectl rollout history (TYPE NAME | TYPE/NAME) [flags] [options]

Usage:

kubectl rollout status (TYPE NAME | TYPE/NAME) [flags] [options]

Usage:

kubectl rollout undo (TYPE NAME | TYPE/NAME) [flags] [options]

kubectl rollout status deployment myapp

kubectl get pods

kubectl describe pods


kubectl rollout undo deployment myapp回滚,默认至上个版本


iptables -t nat -vLn


Usage:

kubectl edit (RESOURCE/NAME | -f FILENAME) [options]

kubectl edit svc myapp改为type: NodePort

kubectl get svc #多了80:30020/TCP,30020端口

在集群外访问,172.20.0.66:30020/hostname.html



2、声明式资源清单创建资源​

可随时复用;


kubectl get pod myapp-848bXXX -o yaml

apiVersion: v1 #所属群组,格式group/version,省group则表示是core组

kind: Pod #具体的资源对象

metadata:

spec: #specification规格,重要,目标状态(用户期望的状态)

containers:

tolerations:

status: #当前状态,应无限接近目标状态



apiserver仅接收json格式的资源定义;

用yaml格式提供配置清单,apiserver可自动将其转为json格式,而后再提交;


资源的配置清单,5部分组成:

apiVersion #所属群组,获取所有群组kubectl api-versions,alpha-->beta-->canary-->stable

kind #资源类别

metadata #元数据,name同一类别下资源名称必须唯一,namespace,name受限于namespace,labels,annotations资源注解,selfLink每个资源的引用PATH为/api/group/VERSION/namespaces/NAMESPACE/TYPE/NAME

spec #期望的状态,disired state

status #current state当前状态,由kubernetes集群维护


kubectl explain pods #注意类型string|object

kubectl explain pods.metadata


mkdir mainfests

cd mainfests

vim pod-demo.yaml

apiVersion: v1

kind: Pod

metadata:

name: pod-demo

namespace: default

labels:

app: myapp

tier: frontend

annotations:

magedu.com/created-by: "cluster admin"

spec:

containers:

- name: myapp

image: ikubernetes/myapp:v1

ports:

- name: http

containerPort: 80

- name: https

containerPort: 443

- name: busybox

image: busybox:latest

imagePullPolicy: IfNotPresent

或command: ["/bin/sh","-c","echo $(date) >> /usr/share/nginx/html/index.html; sleep 5"],2容器间的存储卷是自己的,不能这样测试

- "bin/sh"

- "-c"

- "sleep 3600"

nodeSelector:

只运行在指定标签的节点上


kubectl create -f pod-demo.yaml

kubectl get pods

kubectl describe pods pod-demo

kubectl get pods

kubectl logs pod-demo myapp

curl 10.244.2.10


Usage:

kubectl logs [-f] [-p] (POD | TYPE/NAME) [-c CONTAINER] [options]

kubectl logs pod-demo busybox


Usage:

kubectl exec (POD | TYPE/NAME) [-c CONTAINER] [flags] -- COMMAND [args...] [options]

kubectl exec -it pod-demo -c myapp -- /bin/sh #

kubectl delete pods pod-demo

kubectl delete -f pod-demo.yaml #通过配置清单删除资源